Extension::JsonJWTSign Method

Syntax

.JWTSign as c (json as C, secret as C[,options as c])

Arguments

json

Json to sign

secret

Secret to hash against.

options

Options that override how the signature is generated (can be just the algorithm name).

Description

Sign a JSON Web Token (JWT).

Example

dim token as c = extension::JSON::JWTSign(json_sanitize("{ fname : 'john' , lname : 'public'}"),"shhhh!")
? token
= "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJmbmFtZSI6ImpvaG4iLCJsbmFtZSI6InB1YmxpYyIsImlhdCI6MTQ3Nzc3OTA2M30.xwGMV_POhwEoj-mH1PsgscL-uqOfBMLnNsD2SsOtqXE"

Using The Options parameter

The third parameter overrides the default algorithm used to sign the token.

The options can also be passed as JSON.

| Supported Algorithm | Description |
|---|---|
| HS256 | HMAC using SHA-256 hash algorithm |
| HS384 | HMAC using SHA-384 hash algorithm |
| HS512 | HMAC using SHA-512 hash algorithm |
| RS256 | RSASSA using SHA-256 hash algorithm |
| RS384 | RSASSA using SHA-384 hash algorithm |
| RS512 | RSASSA using SHA-512 hash algorithm |
| ES256 | ECDSA using P-256 curve and SHA-256 hash algorithm |
| ES384 | ECDSA using P-384 curve and SHA-384 hash algorithm |
| ES512 | ECDSA using P-521 curve and SHA-512 hash algorithm |

Example using options to use RSA hash

In this example, we sign the token using RS512 instead of the default HS256.

' declare a string (or read from a key file using file.to_string())
dim privateKey as c = <<%str%
-----BEGIN RSA PRIVATE KEY-----
...key body omitted...
-----END RSA PRIVATE KEY-----
%str%
dim token as c = extension::JSON::JWTSign(json_sanitize("{ fname : 'john' , lname : 'public'}"),privateKey,"RS512")
? token
= "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJmbmFtZSI6ImpvaG4iLCJsbmFtZSI6InB1YmxpYyIsImlhdCI6MTQ4MzczNjI4MH0.FbVyXf2k_Q779lWSNQKe6hCM2zNI9k6319jyb0IhrAS2yUI7pRyIHqQ_6Jd9rddOa5xHftKFncXBqp1DsIyw-wqWx8DNeB1jqCQp7BGMxPSUT7RZYIwhwzBcc_mP3wc09hVOtKz1TYk7gnsBuR5Ij3v_H288misTGeN4MEcboU8"

More Complex Options

If you need to do more than override the algorithm, options can hold settings stored as JSON.

In the following example, we will create a token that expires in 30 seconds.

dim options.algorithm as c = "HS512"
dim options.expiresin as n = 30
dim optionsjson as c  = json_generate(options)
? optionsjson
= {
	"algorithm": "HS512",
	"expiresin": 30
}
dim token as c = extension::JSON::JWTSign(json_sanitize("{ fname : 'john' , lname : 'public'}"),"shhhh!",optionsjson)
? token
= "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJmbmFtZSI6ImpvaG4iLCJsbmFtZSI6InB1YmxpYyIsImlhdCI6MTQ4MzczNzcyMCwiZXhwIjoxNDgzNzM3NzUwfQ.1mhtUd6nYuYK1H3gviJHeg_5GWBZX1gFvD_2Fc_s0BueUFSc_WjRk5YqxZy9Wbg19uLmKPJqsJmQWt2xfx10Sg"

? extension::JSON::JWTVerify(token,"shhhh!","HS512")
= {"fname":"john","lname":"public","iat":1483737720,"exp":1483737750}

' Wait for 30 seconds

' The token is no longer any good!
? extension::JSON::JWTVerify(token,"shhhh!","HS512")
= ""

In a similar example, we can create a token that isn't valid until a specified time has passed.

dim options.algorithm as c = "HS512"
dim options.notbefore as n = 30
dim optionsjson as c  = json_generate(options)
? optionsjson
= {
	"algorithm": "HS512",
	"notbefore": 30
}
dim token as c = extension::JSON::JWTSign(json_sanitize("{ fname : 'john' , lname : 'public'}"),"shhhh!",optionsjson)
? token
= "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJmbmFtZSI6ImpvaG4iLCJsbmFtZSI6InB1YmxpYyIsImlhdCI6MTQ4MzczODM1NywibmJmIjoxNDgzNzM4Mzg3fQ.nEZHZR_NtudTf6mn0P4OoFT4QtRLzSwBEJIMBmDLeXU98rM_fH0Tik5gWsw7wDOkiuytQ35hKi9RX-OJneHfEQ"

' Not yet
? extension::JSON::JWTVerify(token,"shhhh!","HS512")
= ""

' Wait for 30 seconds
' Ok - now the token is valid!
? extension::JSON::JWTVerify(token,"shhhh!","HS512")
= {"fname":"john","lname":"public","iat":1483738357,"nbf":1483738387}

You can specify both expiresin and notbefore for a token that will be valid only from 30 seconds after it was issued to 60 seconds after it was issued.

dim options.algorithm as c = "HS512"
dim options.expiresin as n = 60
dim options.notbefore as n = 30
dim optionsjson as c  = json_generate(options)
? optionsjson
= {
	"algorithm": "HS512",
	"notbefore": 30,
	"expiresin": 60
}

dim token as c = extension::JSON::JWTSign(json_sanitize("{ fname : 'john' , lname : 'public'}"),"shhhh!",optionsjson)
? token
= "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJmbmFtZSI6ImpvaG4iLCJsbmFtZSI6InB1YmxpYyIsImlhdCI6MTQ4MzczOTI0NSwibmJmIjoxNDgzNzM5Mjc1LCJleHAiOjE0ODM3MzkzMDV9.1HWFTyzF4KUXhBcLACroca1-1rowKiVL9XZJAweMJon6sOJaHA3mXGU0oHtXTycZylbSV1TvS5F8nNJjSCOeXw"

' Not ready yet
? extension::JSON::JWTVerify(token,"shhhh!","HS512")
= ""

' Wait for 30 seconds
? extension::JSON::JWTVerify(token,"shhhh!","HS512")
= {"fname":"john","lname":"public","iat":1483739245,"nbf":1483739275,"exp":1483739305}

' Wait another 30 seconds for a grand total of 60 seconds
? extension::JSON::JWTVerify(token,"shhhh!","HS512")
= ""
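
What the algorithm, expiresin and notbefore options put into the token, and how a verifier enforces them, shown as an added Python example (not Alpha Anywhere's implementation and not code from this page). The names jwt_sign and jwt_verify and the injected now clock are hypothetical, and only the HMAC algorithms from the table above are covered.

```python
import base64, hashlib, hmac, json

# HMAC members of the page's algorithm table; RS*/ES* need a key library and are left out.
HMAC_ALGS = {"HS256": hashlib.sha256, "HS384": hashlib.sha384, "HS512": hashlib.sha512}

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def jwt_sign(claims, secret, now, algorithm="HS256", expiresin=None, notbefore=None):
    """Build header.payload.signature; 'now' is injected so the time window is testable."""
    payload = dict(claims, iat=now)
    if notbefore is not None:
        payload["nbf"] = now + notbefore      # not valid before this instant
    if expiresin is not None:
        payload["exp"] = now + expiresin      # not valid at or after this instant
    header = {"alg": algorithm, "typ": "JWT"}
    signing_input = ".".join(
        _b64url(json.dumps(part, separators=(",", ":")).encode()) for part in (header, payload))
    mac = hmac.new(secret.encode(), signing_input.encode(), HMAC_ALGS[algorithm]).digest()
    return signing_input + "." + _b64url(mac)

def jwt_verify(token, secret, algorithm, now):
    """Return the claims, or "" on any failure (the result shape of the page's JWTVerify calls)."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        # The caller pins the algorithm; the token's own header never selects it.
        if json.loads(_unb64url(head_b64)).get("alg") != algorithm:
            return ""
        expected = hmac.new(secret.encode(), f"{head_b64}.{body_b64}".encode(),
                            HMAC_ALGS[algorithm]).digest()
        if not hmac.compare_digest(expected, _unb64url(sig_b64)):  # constant-time compare
            return ""
        claims = json.loads(_unb64url(body_b64))   # parsed only after the MAC checks out
        if "nbf" in claims and now < claims["nbf"]:
            return ""
        if "exp" in claims and now >= claims["exp"]:
            return ""
        return claims
    except (ValueError, KeyError, AttributeError, TypeError):
        return ""

if __name__ == "__main__":
    issued = 1483739245  # constructed clock value, matching the iat in the page's last example
    tok = jwt_sign({"fname": "john", "lname": "public"}, "shhhh!", issued, "HS512", 60, 30)
    for offset in (0, 30, 60):
        print(offset, jwt_verify(tok, "shhhh!", "HS512", issued + offset))
```
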

Options that can be specified

| Field | Description |
|---|---|
| algorithm | Specifies which algorithm to use when signing; if omitted, HS256 will be used. |
| expiresin | Either a number, if expressed in seconds, or a string, if it includes a unit suffix (d for day, h for hour); for example, 8h is 8 hours and 2d is 2 days. |
| notbefore | A number or a string (like expiresin) that controls delayed access to a token (for example, a token that will be available in a day). |
| audience | Identifies the recipients that the JWT is intended for. |
| issuer | Identifies the principal that issued the JWT. |
| jwtid | Globally unique identifier of the token (if the token is used between multiple issuers). |
| subject | Identifies the subject of the JWT. |
| notimestamp | Omit the 'iat' field from the packet. |
| header | Custom fields. |